Описание
Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium)
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | code not present |
| esm-infra/focal | DNE | focal was not-affected [code not present] |
| focal | not-affected | code not present |
| jammy | not-affected | code not present |
| lunar | not-affected | code not present |
| mantic | not-affected | code not present |
| trusty | ignored | end of standard support |
| upstream | released | 121.0.6167.85 |
| xenial | ignored | end of standard support |
Показывать по
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium)
Chromium: CVE-2024-0810 Insufficient policy enforcement in DevTools
Insufficient policy enforcement in DevTools in Google Chrome prior to ...
Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium)
Уязвимость набора инструментов для веб-разработки DevTools браузеров Microsoft Edge и Google Chrome, позволяющая нарушителю раскрыть защищаемую информацию
EPSS
4.3 Medium
CVSS3